API ReferenceSession
POST
/v1/auth/logout

Log the user out from the provided session

This API endpoint will sign the user out of the provided session using the refreshToken. Successfully executing this endpoint will invalidate the provided refresh tokens. Response will also include all user tokens and fields empty, so the executing client will remove cookies as well.

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer \<Project ID:Refresh JWT\>

Try it

/v1/auth/logout

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

Status codeDescription
200OK
curl -X POST "https://api.descope.com/v1/auth/logout" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <Project ID:Refresh JWT>" \
  -d '{}'

{
  "sessionJwt": "string",
  "refreshJwt": "string",
  "cookieDomain": "string",
  "cookiePath": "string",
  "cookieMaxAge": 0,
  "cookieExpiration": 0,
  "user": {
    "loginIds": [
      "string"
    ],
    "userId": "string",
    "name": "string",
    "email": "string",
    "phone": "string",
    "verifiedEmail": true,
    "verifiedPhone": true,
    "roleNames": [
      "string"
    ],
    "userTenants": [
      {
        "tenantId": "string",
        "roleNames": [
          "string"
        ],
        "tenantName": "string"
      }
    ],
    "status": "string",
    "externalIds": [
      "string"
    ],
    "picture": "string",
    "test": false,
    "customAttributes": {},
    "createdTime": 0,
    "TOTP": false,
    "SAML": false,
    "OAuth": {
      "property1": false,
      "property2": false
    },
    "webauthn": true,
    "password": true,
    "ssoAppIds": [
      "string"
    ],
    "givenName": "string",
    "middleName": "string",
    "familyName": "string",
    "editable": true
  },
  "firstSeen": true,
  "idpResponse": {
    "samlResponse": "string",
    "samlGeneratedUser": "string",
    "samlGeneratedRoles": "string",
    "oidcResponse": "string",
    "oidcGeneratedUser": "string",
    "oidcGeneratedRoles": "string"
  }
}

Was this helpful?

Previous

Select an active tenant

Next

Sign-Out All Active Sessions